package integration.rbacapi.validator;

import com.fasterxml.jackson.core.type.TypeReference;
import functional.stubs.StubApplicationUtil;
import io.confluent.http.server.KafkaHttpServerImpl;
import io.confluent.rbacapi.errors.ErrorResponse;
import java.io.IOException;
import javax.ws.rs.client.Client;
import javax.ws.rs.client.ClientBuilder;
import javax.ws.rs.client.Entity;
import javax.ws.rs.core.Response;
import org.testng.Assert;
import org.testng.annotations.AfterClass;
import org.testng.annotations.BeforeClass;
import org.testng.annotations.DataProvider;
import org.testng.annotations.Test;
import utils.MdsJsonUtil;

/* loaded from: input_file:integration/rbacapi/validator/SecureConstraintValidatorTest.class */
public class SecureConstraintValidatorTest {
    public static final String validScopeStr = "{ 'clusters' : {'kafka-cluster': 'StubMetadataClusterId' } }".replace("'", "\"");
    public static String HOST_AND_PORT;
    public static String ROLE_NAMES_PATH;
    private final Client client = ClientBuilder.newClient();
    private KafkaHttpServerImpl httpServer;

    @BeforeClass
    public void setUpBeforeClass() throws Exception {
        this.httpServer = StubApplicationUtil.createStubServer();
        StubApplicationUtil.startStubServer(this.httpServer);
        String num = Integer.toString(this.httpServer.getPrimaryPort());
        System.out.println("Stub port is " + num);
        HOST_AND_PORT = "http://localhost:" + num;
        ROLE_NAMES_PATH = "/security/1.0/lookup/principals/User:Bob/roleNames";
    }

    @AfterClass
    public void tearDownAfterClass() throws Exception {
        StubApplicationUtil.tearDownStubServer(this.httpServer);
    }

    private static void verifyErrorResponse(Response response, String str, String str2) throws IOException {
        Assert.assertEquals(response.getStatus(), 400);
        Assert.assertEquals(response.getHeaderString("Content-Type"), "application/json");
        ErrorResponse errorResponse = (ErrorResponse) MdsJsonUtil.deserializeJson((String) response.readEntity(String.class), new TypeReference<ErrorResponse>() { // from class: integration.rbacapi.validator.SecureConstraintValidatorTest.1
        });
        Assert.assertEquals(errorResponse.type, "INVALID REQUEST DATA");
        Assert.assertTrue(errorResponse.message.equals(str), "ERROR MESSAGE was : " + errorResponse.message);
        Assert.assertFalse(errorResponse.message.contains(str2), "ERROR MESSAGE was : " + errorResponse.message);
    }

    /* JADX WARN: Type inference failed for: r0v1, types: [java.lang.Object[], java.lang.Object[][]] */
    @DataProvider
    public static Object[][] getELInjectionAuthorizeData() {
        return new Object[]{new Object[]{"/security/1.0/authorize", "'Topic'", "'${999+1}'", "Invalid operation : ${999+1}", "Invalid operation : 1000"}, new Object[]{"/security/1.0/authorize", "'Topic'", "'#{999+1}'", "Invalid operation : #{999+1}", "Invalid operation : 1000"}, new Object[]{"/security/1.0/authorize", "'Topic'", "'hello${\\\"tustur\\\".toString().replace(\\\"u\\\", \\\"e\\\")}'", "Invalid operation : hello${\"tustur\".toString().replace(\"u\", \"e\")}", "Invalid operation : hellotester"}, new Object[]{"/security/1.0/authorize", "'${999+1}'", "'Write'", "Invalid resource type : ${999+1}", "Invalid resource type : 1000"}, new Object[]{"/security/1.0/authorize", "'${true.toString().toUpperCase()}'", "'Write'", "Invalid resource type : ${true.toString().toUpperCase()}", "Invalid resource type : TRUE"}};
    }

    @Test(dataProvider = "getELInjectionAuthorizeData")
    public void constraintViolation_ValidationUtil_Authorize(String str, String str2, String str3, String str4, String str5) throws Throwable {
        verifyErrorResponse(this.client.target(HOST_AND_PORT).path(str).request(new String[]{"application/json"}).put(Entity.json(("{'userPrincipal': 'User:administrator', 'actions' : [ {'scope' : { 'clusters' : { 'kafka-cluster': 'StubMetadataClusterId' } },'resourceName':'Topic-Clicks','resourceType':" + str2 + ",'operation':" + str3 + "} ]}").replace("'", "\""))), str4, str5);
    }

    /* JADX WARN: Type inference failed for: r0v1, types: [java.lang.Object[], java.lang.Object[][]] */
    @DataProvider
    public static Object[][] getELInjectionAddResourceBinding() {
        return new Object[]{new Object[]{"/security/1.0/principals/User:administrator/roles/DeveloperRead/bindings", "'${999+1}'", "Invalid resource type : ${999+1}", "Invalid resource type : 1000"}, new Object[]{"/security/1.0/principals/User:administrator/roles/DeveloperRead/bindings", "'${true.toString().toUpperCase()}'", "Invalid resource type : ${true.toString().toUpperCase()}", "Invalid resource type : TRUE"}};
    }

    @Test(dataProvider = "getELInjectionAddResourceBinding")
    public void constraintViolation_ValidationUtil_AddResourceBinding(String str, String str2, String str3, String str4) throws Throwable {
        Response post = this.client.target(HOST_AND_PORT).path(str).request(new String[]{"application/json"}).post(Entity.json(("{'scope' : { 'clusters' : { 'kafka-cluster': 'StubMetadataClusterId' } },'resourcePatterns' : [{   'name':'Topic-Clicks','resourceType':" + str2 + ",  'patternType': 'LITERAL'}] }").replace("'", "\"")));
        org.junit.Assert.assertNotNull(post);
        verifyErrorResponse(post, str3, str4);
    }

    /* JADX WARN: Type inference failed for: r0v1, types: [java.lang.Object[], java.lang.Object[][]] */
    @DataProvider
    public static Object[][] getELInjectionAddResourceBindingPath() {
        return new Object[]{new Object[]{"/security/1.0/principals/User:Bob/roles/Pants%3A%24%7B999%2B1%7D/bindings", "Invalid role name : Pants:${999+1}", "Invalid role name : Pants:1000"}, new Object[]{"/security/1.0/principals/Pants%3A%24%7B999%2B1%7D/roles/DeveloperRead/bindings", "Invalid principal : Pants:${999+1}", "Invalid principal : Pants:1000"}, new Object[]{"/security/1.0/principals/%24%7Btrue.toString%28%29.toUpperCase%28%29%7D/roles/DeveloperRead/bindings", "Invalid principal : ${true.toString().toUpperCase()}", "Invalid principal : TRUE"}, new Object[]{"/security/1.0/principals/%23%7Btrue.toString%28%29.toUpperCase%28%29%7D/roles/DeveloperRead/bindings", "Invalid principal : #{true.toString().toUpperCase()}", "Invalid principal : TRUE"}};
    }

    @Test(dataProvider = "getELInjectionAddResourceBindingPath")
    public void constraintViolation_ResourceAnnotation_AddResourceBinding(String str, String str2, String str3) throws Throwable {
        Response post = this.client.target(HOST_AND_PORT).path(str).request(new String[]{"application/json"}).post(Entity.json(("{'scope' : { 'clusters' : { 'kafka-cluster': 'StubMetadataClusterId' } },'resourcePatterns' : [{   'name':'Topic-Clicks',  'resourceType':'Topic',  'patternType': 'LITERAL'}] }").replace("'", "\"")));
        org.junit.Assert.assertNotNull(post);
        verifyErrorResponse(post, str2, str3);
    }

    /* JADX WARN: Type inference failed for: r0v1, types: [java.lang.Object[], java.lang.Object[][]] */
    @DataProvider
    public static Object[][] getELInjectionLookup() {
        return new Object[]{new Object[]{"/security/1.0/lookup/principals/Pants%3A%24%7B999%2B1%7D/visibility", "Invalid principal : Pants:${999+1}", "Invalid principal : Pants:1000"}, new Object[]{"/security/1.0/lookup/principals/%24%7Btrue.toString%28%29.toUpperCase%28%29%7D/visibility", "Invalid principal : ${true.toString().toUpperCase()}", "Invalid principal : TRUE"}};
    }

    @Test(dataProvider = "getELInjectionLookup")
    public void constraintViolation_ResourceAnnotation_Lookup(String str, String str2, String str3) throws Throwable {
        Response post = this.client.target(HOST_AND_PORT).path(str).request(new String[]{"application/json"}).post(Entity.json("[ {'kafka-cluster': 'KID'} ]".replace("'", "\"")));
        org.junit.Assert.assertNotNull(post);
        verifyErrorResponse(post, str2, str3);
    }
}
